Security News for the Week Ending May 27, 2022
Yet Another Russian Military “Asset” Catches Fire
Russian jet engine design hub Central Aerohydrodynamic Institute which is outside Moscow, did a “halt and catch fire” due to a fire at the electrical substation which powered the former design center. Score one for Ukraine, according to Russia. Russia claims it is the world’s largest scientific research center or at least was. It is assisting in the development of next generation jet aircraft. Judging by the photo, it doesn’t look like much survived. Credit: U K Daily Mail
GM Hit By Credential Stuffing Attack
GM Sent letters to owners of some GM vehicles saying that it appeared that someone redeemed points in their accounts for gift cards, but GM was restoring the points. They say that GM’s systems were not compromised, rather customers reused passwords that were compromised elsewhere, allowing attackers to walk right in and steal the customer’s data. In those cases, GM is not required to make the customer whole, but for PR reasons, it probably makes sense to do that. Credit: Bleeping Computer
Quad Nations Pledge More Collaboration on Cybersecurity Plus
Part of China’s worst nightmare, the leaders of the Quad – Australia, India, Japan and the US – agreed to strengthen collaboration on emerging technologies and cybersecurity with an unspoken subplot of neutralizing China. A few years ago China thought the Quad was a passing fad. With global politics what it is, that turned out to be a miscalculation, one that China is not happy with. Credit: The Register
More and More Ransomware Moves to Extortion
As companies are doing a better job of backups, ransomware isn’t paying as much to get the decryption key. HOWEVER, more ransomware organizations are either selling the stolen data (the Verizon data breach report says that most ransomware attacks now include stealing your data), or extorting the victim by threatening to sell it. If that fails, they just leak the data. The Conti gang leaked all of the data stolen during a January ransomware attack against Linn County Oregon after officials decided not to pay the ransom. They said their backups were good enough and the data stolen wasn’t that sensitive. That will not be the case all of the time. Credit: The Record
CISA Adds 75 More Actively Exploited Bugs to its MUST PATCH List
CISA seems to be pretty serious regarding getting the patching cadence of federal systems up to snuff. This week they added 3 batches of bugs to patch. The first batch included 21 bugs; the second batch included 20 and the third included 34. Some of these bugs are old, including products that are past their expiration date like Microsoft Silverlight and Adobe Flash, but we still see them on systems on a regular basis. Credit: ZDnet
by 